2017 November Cisco Official New Released 400-351 Dumps in Lead2pass.com!
100% Free Download! 100% Pass Guaranteed!
How to 100% pass 400-351 exam? Lead2pass 400-351 dump is unparalleled in quality and is 100% guaranteed to make you pass 400-351 exam. All the 400-351 exam questions are the latest. Here are some free share of Cisco 400-351 dumps.
Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/400-351.html
QUESTION 191
Refer to the exhibit. It belongs to a Cisco IOS AP with just one radio. This portion of configuration refers to a multiple SSID/VLAN configuration. Which statement is correct?
A. The configuration does not allow for non-corporate clients to connect to any SSID Guest traffic.There fore will not allowed.
B. `mbssid guest-mode’ is used to allow broad cat of multiple SSIDs on the radio interface. No other `mbssid” commands are needed to achieve this functionality.
C. The AP must have subinterfaces 80,81,and 82 configured on the Radio 0 and Ethernet interfaces.
D. The SSID “EAP” will allow clients to connect to it using any EAP authentication method such as EAP-TLS.
Answer: C
Explanation:
http://www.cisco.com/c/en/us/support/docs/wireless-mobility/service-set-identifier-ssid/116118-configure-ap-ssid-ios.html#anc9
QUESTION 192
You have been hired to install new Cisco switches at ACME Corporation. The company has an existing Cisco network comprised of access layer switches that use multiple VLANs and VLAN trunking protocol to distribute the VLANs to the switches throughout the network.
Which two methods are best to accomplish your task? (Choose two.)
A. Configure the VLAN Trunking Protocol pruning on the new switches because they may not
need all of the VLANs.
B. Prior to installation, ensure that all switches are running the same Cisco IOS software version as the VTP server.
C. Ensure that all the new Cisco switches have their VTP domain name set to the default value of “null”
D. Configure one of the new switches as a VTP server to distribute the VLANs appropriately.
E. Ensure that all switches are running the same VTP version.
F. Ensure that all switches have the same VLAN Trunking Protocol password and encryption level.
G. Configure all new switches as VTP clients and relocated switches as VTP server because they already have all the VLANs in their database.
Answer: CE
Explanation:
NOTE: Exam options have some changes, so the answer is uncertain.
From:
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/vtp.html#wp1034490
QUESTION 193
Which of the below characteristics of RPL is true?
A. RPL is designed for lossy networks.
B. RPL is an IPv6 link-state routing protocol.
C. RPL can send only messages in secured mode.
D. RPL uses hello messages to send routing updates to its neighbors.
Answer: A
QUESTION 194
Refer to the exhibit. You have been asked to troubleshoot why VTP is not distributing new VLANs to a VTP client switch. Which option is the most likely root cause of this VTP problem.
A. The VTP password is not set to level 15 on the client switch.
B. The VTP password encryption level is not set on the client switch.
C. The VTP encryption level does not match on the client switch.
D. The VTP password is incorrect on the client switch.
E. The client switch is set to transparent mode. Which ignores VLAN configuration updates from VTP servers.
Answer: D
QUESTION 195
You are the network administrator for ACME corporation.
Your organization has deployed a single
Cisco 5500 Series Wireless Controller with 100 Cisco Aironet 3500 Series Aps.
A new IT member is worried that most of these Aps are working at a power level3 on the 5GHz radio specially. As this power level setting is causing issues in your wireless network. Which option describes the likely cause of this behavior?
A. The WLC has been recently rebooted, which causes the TPC algorithm to set power level 3 on
all APs for 90 seconds.
B. The controller TPC algorithm seems to have a problem. It might have been set to work in TPCv2 mode instead of TPCv1.
C. The WLC is misconfigured because the static power of level 3 has been set for all the APs under TPC settings.
D. Cisco 7925 wireless IP Phones are in use and the DTPC feature is enabled on the 5 GHz radio.
Answer: D
QUESTION 196
Which two advanced WLAN options are required when deploying central web authentication with Cisco ISE? (Choose two.)
A. P2P Blocking Action set to Drop.
B. NAC State RADIUS NAC
C. NAC State SNMP NAC.
D. DHCP Addr. Assignment disabled.
E. Allow AAA override enabled.
Answer: BE
QUESTION 197
Which two statements about AP Local Authentication by FlexConnect AP in standalone mode are true? (Choose two)
A. From AireOS release 8.0, Cisco Extended Keying Groups (CEKG) is a supported Local Authentication Protocol when deploying FlexConnect.
B. Only LEAP, EAP-FAST, PEAP, and EAP-TLS authentications are supported.
C. Cisco Wireless LAN Controller must generate a certificate signing request by itself for submitting to a certificate authority for signing.
D. Only the vendor Certificate Authority (CA) certificate has to be downloaded to the Cisco Wireless LAN Controller for EAP-TLS authentication.
E. When using EAP-TLS, a FlexConnect Group must be created so that the Cisco Wireless LAN Controller can push the certificates to the FlexConnect AP in the FlexConnect Group.
Answer: BE
QUESTION 198
Two wireless IP phones are never able to call each other when connected to the same autonomous AP. However, they can place calls to other wireless IP phones that are connected to other APs or to wired IP phones. The wireless phones are operating on VLAN 100.
Based on this output, which statement about the problem is true?
A. P2P blocking is enabled via the bridge-group 100 block-unknow-source command.
B. P2P blocking is enabled via the no bridge-group 100 unicast-flooding command.
C. P2P blocking is enabled via the bridge-group 100 port-protected command.
D. P2P blocking is enabled via the no bridge-group 100 source-larning command.
E. P2P blocking is enabled via the bridge-group 100 subscriber-loop-control command.
Answer: C
QUESTION 199
Which statement about a Cisco Mesh Network when a radar event is detected by the MAP on a mesh tree when coordinated channel change is enabled Is true?
A. The MAP immediately stops transmission on the current channel and joins the parent again after 30 minutes after the channel is marked as clean.
B. The MAP continues transmission of the beacons and probes for 10 seconds after the radar detection and suspends operation for the next 30 mins.
C. The MAP propagates radar event information to the RAP in the same BGN. Searchs for a different parent working on a nono-dfs channel and join there.
D. The MAP propagates the radar event information to the RAP and the whole sector moves to the new channel.
Answer: A
Explanation:
DFS in MAP
The MAP performs the following steps as a response to radar detection:
1. The MAP sends a radar seen indication to the parent and ultimately to the RAP indicating that the channel is infected. The RAP sends this message to the controller. The message appears to be coming from the RAP. The MAP, RAP, and controller mark the channel as infected for 30 minutes.
2. The MAP blocks the channel for 30 minutes. This 30-minute period is called the nonoccupancy period.
3. The controller sends a TRAP, which indicates that the radar has been detected on the channel. The TRAP remains until the nonoccupancy period expires.
4. The MAP has 10 seconds to move away from the channel. This is called the channel move time, which is defined as the time for the system to clear the channel and is measured from the end of the radar burst to the end of the final transmission on the channel.
5. The MAP enters the quiet mode. In the quiet mode, the MAP stops data transmissions. Beacons are still generated and probe responses are still delivered. The quiet mode exists until the channel move time is over (10 seconds).
6. The controller picks up a new random channel and sends the channel to the RAP.
7. The RAP receives the new channel information and sends channel change frames (unicast, encrypted) to a MAP, and each MAP sends the same information to its lower children down the sector. Each mesh access point sends the channel change frames once every 100 msecs for a total of five times.
8. Each mesh access point tunes to the new channel and enters into the silent mode. During the silent mode, only the receiver is ON. There is no packet transmission. An AP keeps scanning the new channel for any radar presence for 60 seconds. This process is called the channel availability check (CAC). The MAP should not disconnect from the controller. The network should remain stable during this one-minute period.
DFS functionality allows a MAP that detects a radar signal to transmit that up to the RAP, which then acts as if it has experienced radar and moves the sector. This process is called the coordinated channel change. This functionally can be turned on or off on the controller.
The coordinated channel change is enabled by default.
QUESTION 200
Drag and Drop Question
Drag and drop the channel lists on the left onto the corresponding UNII bands on the right, as applicable in the new-B Regulatory Domain for US. Not allow options are used.
Answer:
QUESTION 201
Which three statements about the high availability configuration on the Cisco 5760 WLCs are true? (Choose three.)
A. Cisco WLC with more reboots is elected as active when the default stack priority is in use.
B. EtherChannel bundles all ports on both active and standby Cisco WLC on a logical port.
C. Cisco 5760 WLC uses a dedicated high availability port for high availability and configuration synchronization.
D. High availability switchover is triggered when one of the ports on the active Cisco WLC EtherChannel bundle fails.
E. Active Cisco WLCs in a pair can be identified using LED state without issuing any command on the Cisco WLC console.
F. Cisco WLC with the highest priority in a stack are elected as the active Cisco WLC during the election process.
G. All configuration including certificates are automatically synced between active and standby Cisco WLC.
Answer: BEF
QUESTION 202
Which statement about network automation and/or network orchestration is true?
A. Automation focuses on coordinating multiple tasks at the same time.
B. Orchestration and automation focus on a single task at a time.
C. Orchestration focuses on coordinating multiple tasks at the same time.
D. Automation and orchestration focus on coordinating multiple tasks at the same time.
Answer: C
QUESTION 203
When your wireless client device roams from one AP to another on the same network, which IEEE protocol can be used to authenticate the clients faster?
A. 802.11r also called Assisted Roaming
B. 802.11k also called Assisted Roaming
C. 802.11r also called Fast BSS Transition
D. 802.11k also called Predictive Based Roaming
E. 802.11r also called Predictive Based Roaming
F. 802.11k also called Fast BSS Transition
Answer: C
QUESTION 204
VLAN Trunking Protocol is a Cisco proprietary protocol that propagates the definition of VLANs over the local area network. Which two statements are true?(Choose two.)
A. VTP requires access mode interfaces to propagate.
B. VTP requires trunk mode interfaces to propagate.
C. VTP transparent mode forwards VTP packets and can act as a client or a server.
D. VTP config revision increases base on switch uptime.
E. When Cisco switches are started from scratch, they are in server mode and their domain is set to null.
Answer: BE
QUESTION 205
You have configured VideoStream on a Cisco WLC and users are now viewing the company video broadcast over the wireless network.
How can you verify you have VideoStream configured and working in the Cisco WLC GUI?
A. The Multicast Status shows “Normal Multicast” in the Multicast Group Details.
B. The Multicast Status shows “MediaStream Ongoing” in the Client detail page.
C. The Multicast Status shows “Multicast-direct Allowed” in the Multicast Group Details.
D. The Multicast Status shows “MediaStream Allowed” in the Multicast Group Details.
Answer: C
QUESTION 206
Drag and Drop Question
Drag and drop the events involved in a typical location tracking workflow from the left into the correct order on the right. Not all items are used.
Answer:
QUESTION 207
You are the network administrator of a Cisco Autonornous AP deployment.
You want to stop a client with MAC address 5057.a89e.b1f7 and IP address 10.0.0.2 from associating to your APs.
Which configuration do you use?
Answer: D
QUESTION 208
You are the wireless administrator for ACME corporation.
You must configure a Cisco Catalyst 3850 Series Switch to work as mobility agent to allow access point association to this switch. Which statement about this scenario is true?
A. Access points must be connected to an access port that has the access VLAN configured to be the same as the service port VLAN on the Catalyst 3850 switch.
B. Access points must be connected to a trunk port with the native VLAN set to 1 in order to join
the WLC on the Catalyst 3850 switch.
C. Access points must be connected to an access port with the access VLAN configured to the same as the wireless management VLAN on the Catalyst 3850 switch.
D. Access points must be connected to an access port that has the access VLAN configured to be the same as the management VLAN for the switch stack.
E. Access points mut be connected to an access port with the access VLAN configured to be any VLAN that has a Layer 3 interface (SVI) on the Catalyst 3850 switch.
Answer: C
QUESTION 209
Which major block is not included in the ETSI Network Function Virtualization reference framework?
A. Network Function Virtualization Infrastructure.
B. Network Function Virutalization Management and Orchestration.
C. Network Function Virtualization Policy Manager.
D. Virtualized Network Function/ Element Management Systems.
Answer: C
QUESTION 210
With the introduction of mDNS policies in AireOS release 8.0, the administrator can configure to identify who uses the Bonjour service instances and in which location. Based on user 802.1x authentication. aAAA server/ISE can be configured to return which two possible values in the form of a “CISCO-AV-PAIR”? (Choose two.)
A. Client-role
B. User-role
C. User-ID
D. Bonjour-profile
E. Client-location
Answer: BD
Always up-to-date Lead2pass 400-351 VCE – everything you need for your Cisco 400-351 exam to pass. Our Cisco 400-351 software allows you to practise exam dumps in real 400-351 exam environment. Welcome to choose.
More 400-351 new questions (with images) on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDY0FaMFVrWHdXWEk
2017 Cisco 400-351 exam dumps (All 305 Q&As) from Lead2pass:
https://www.lead2pass.com/400-351.html [100% Exam Pass Guaranteed]
Comments are closed.